2FA - Bypass Codes


This article explains how Bypass Codes work.

Note: You must have at least one device registered to your 2FA account to use bypass codes.

Generate Bypass Codes

A Bypass Code is a special, one-time-use passcode that you generate in advance and save in a safe place.

These codes are for backup use only, allowing you to sign in if your primary 2FA device isn't available - e.g. a lost phone or while traveling - and should not be considered a permanent replacement for other authentication options, including the recommended Duo Mobile app.

________________________

Instructions

  1. Go to the NetID Portal.
  2. Select Manage Your Account and log in with your NetID and password.
  3. Scroll down to the "Account Management" section and select the Print Bypass Codes link.
  4. A list of 10 codes will appear.
  5. Print or copy the codes and keep them in a secure location.

    Note: Generating a new list of bypass codes invalidates all previous codes.

_____________________

Additional Considerations

  • You must be logged in to generate these codes.
  • The 10 codes are unique and single-use.
  • Print or save these codes in a secure, offline location.
  • Never store them solely on your travel device (laptop or phone), in case it is lost or stolen.
Use Bypass Codes

Follow the steps below to log in with a bypass code.

_______________

Instructions

  1. Log in to a UA service with your NetID and password as usual. You will be directed to the 2FA authentication page.
  2. On the 2FA screen, select Other Options and then select Bypass code.

     
  3. Enter one of your bypass codes in the Bypass code field.
  4. Select Verify.

    Note: If you try to re-use a code, the 2FA page displays the following text: "Incorrect passcode. Try again when you’re ready."

  5. The prompt "Is this your device?" refers to remembering you for future logins.
    1. Select "Yes, this is my device" ONLY if you are on a private, secure computer.
    2. Select "No, other people use this device" if you are on a shared or public computer (e.g., in a library, lab, or classroom).

       
  6. If you see the prompt in the screenshot below, click the checkbox to Trust this browser for 30 days.

    Note: Check this box only if you are on a private, secure computer. Never use this option on a shared or public computer (e.g., in a library, lab, or classroom). Please be aware that some high-security services may still require 2FA, even after you have trusted the browser.

     
  7. Select Continue to application.
Device Registration Resources

If you need to Add a new device to your account or you need to Reactivate an existing device, please see the following articles for instructions: